package com.jianzh5.shiro;


import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

/**
 * 自定义表单验证(验证码)过滤器
 * @author jianzh5
 *
 */
public class FormAuthenticationCaptchaFilter extends FormAuthenticationFilter{
	
	public static final String DEFAULT_CAPTCHA_PARAM = "validateCode";	//定义验证码  跟前台表单名一致
	private String captchaParam = DEFAULT_CAPTCHA_PARAM;
	public String getCaptchaParam() {
		return captchaParam;
	}

	protected String getCaptcha(ServletRequest request) {
		return WebUtils.getCleanParam(request, getCaptchaParam());
	}
	
	protected AuthenticationToken createToken(ServletRequest request, ServletResponse response){
		String username = getUsername(request);
		String password = getPassword(request);
		if(password == null){
			password = "";
		}
		String host = getHost(request);
		boolean rememberMe = isRememberMe(request);
		String captcha = getCaptcha(request);
		
		return new UsernamePasswordCaptchaToken(username,password.toCharArray(),rememberMe,host,captcha) ;
	}
}
